Manager, Offensive Security leading Capital One's Purple Team to enhance cyber defense posture. Collaborating across teams to address vulnerabilities and improve information security protocols.
About the role
- Information Security Manager at NVISO, leading cybersecurity initiatives and managing a team of consultants. Focused on enhancing clients’ security posture through strategic program implementation.
Responsibilities
- Lead and manage a team of CISOaaS/GRC consultants to deliver high-quality services to clients
- Collaborate closely with clients to understand their business objectives, risks, and unique security requirements
- Assess clients' security maturity (using ISO, BSI, or NIST standards) to identify gaps and areas for improvement
- Develop and implement a fit-for-purpose security program aligned with industry standards
- Drive the security program at client organizations, acting as the security champion
- Conduct risk assessments, identify potential vulnerabilities, and recommend risk mitigation strategies
- Oversee and support the implementation of the security program, including policies, procedures, and controls
- Provide management with updates on the company’s security posture
- Convene steering committees with relevant customer stakeholders to guide and adapt the security program
- Actively participate in the sales process by preparing and presenting Statements of Work, project plans, and requirements definitions
Requirements
- Eligible for NATO clearance
- Bachelor’s degree in Business Administration, Information Security, or a related field
- Professional certifications such as CISA, CISSP, CISM, ISO 27001 Implementer/Auditor or equivalent are strongly preferred
- Proven experience as a CISO and/or in successfully implementing ISO 27000-series (ISO27k) or BSI IT-Grundschutz at client organizations
- In-depth knowledge of relevant industry standards and frameworks, such as ISO 27001, DORA, NIST, NIS-2, GDPR, etc.
- Familiarity with risk management methodologies and their application to cybersecurity
- Ability to quickly understand complex environments and the business drivers for implementing security
- Excellent written and verbal communication skills in English and German
Benefits
- Training budget of €10,000 plus 10 paid training days (can roll over for up to two years)
- Annual gross base salary between €80,000 and €120,000, depending on experience
- Several SANS instructors on staff
- Prestigious continuing education opportunities (GSE, GXPN, CISSP, OSCP, etc.)
- Unique team events (recent locations include Lisbon, Dubai, Malta, Lapland)
- Comprehensive coaching program starting on day one
- 30 days of annual leave
- Flexible working hours and remote work options (including the option to work from other EU countries)
- Employer coverage for Deutschlandticket and BahnCard 50
- Company bike leasing
- Company pension plan
- Modern offices in central Frankfurt and Munich (roof terrace, table tennis, PlayStation, BBQ)
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Bilingual Security Agent ensuring the safety of people and property for OPENLANE. Responsibilities include surveillance, access control, and customer service at the facility.
Enterprise Sales Executive focusing on AI Security solutions for F5. Collaborating with enterprise account teams and engaging senior stakeholders in driving sales.
Security Engineering Manager responsible for developing enterprise security platforms at Snap. Leading a team to ensure security and operational excellence across the company.
Consultant conducting onsite operational security assessments and red teaming for technology client across Asia Pacific region. Focus on physical security practices and compliance in Singapore.
Information Security Advisor ensuring risk assessment and compliance for Sun Life business groups. Conducting risk assessments and advising on information security best practices.
Cloud Cybersecurity Engineer modernizing leading multi - cloud environments for Leidos. Supporting USAF system resiliency and security with hands - on cloud experience.
Auditing clients' organisations and products against ISO 27001 and ISO 22301 standards. Building relationships and improving business performance with a client - centric approach.
Senior Developer in Application Security at Clio focusing on innovative security solutions. Responsible for proactive vulnerability management in core applications and advising on security best practices.
Enterprise Services Manager leading the Technical Account Management team at Proofpoint. Responsible for maximizing customer value of products and services while ensuring high customer satisfaction.